MS16-133: Description of the security update for Excel 2016: November 8, 2016

Summary

This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, see Microsoft Security Bulletin MS16-133.

Note To apply this security update, you must have the release version of Microsoft Excel 2016 installed on the computer.

Improvements and fixes

This security update contains improvements and fixes for the following nonsecurity issues:

Added some new Get & Transform features in Excel 2016. For more information, see 3127896.

When you try to get data from a Microsoft Access database by using Access queries that reference linked ODBC tables, and the tables require a user name and password, you receive the following error message: The query did not run or the database could not be opened. Check the database server or contact your database administrator. Make sure the external database is available and hasn't been moved or reorganized, then try the operation again." This issue occurs in the 64-bit version of Microsoft Excel 2016.

After you run the document inspection for a workbook in Excel 2016, PivotTable refresh operations may be broken.

GDI object leak occurs in the Find and Replace dialog box.

Some network calls to older version of Microsoft SharePoint Server no longer occur.

When you load certain Workbook files that contain blank strings in an external cell table in Excel 2016, Excel may calculate an incorrect value in a linked cell until the links are updated again.

How to get and install the update

Method 1: Microsoft Update

This update is available from Microsoft Update. When you turn on automatic updating, this update will be downloaded and installed automatically. For more information about how to get security updates automatically, see the "Turn on automatic updating in Control Panel" section of this Safety & Security Center article.